Filtered by vendor Best Pos Management System Project
Subscribe
Filtered by product Best Pos Management System
Subscribe
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27202 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-03-12 | N/A | 9.8 CRITICAL |
| Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/receipt.php. | |||||
| CVE-2023-27205 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-03-12 | N/A | 9.8 CRITICAL |
| Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /kruxton/sales_report.php. | |||||
| CVE-2023-27204 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-03-12 | N/A | 9.8 CRITICAL |
| Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/manage_user.php. | |||||
| CVE-2023-27203 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-03-12 | N/A | 9.8 CRITICAL |
| Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /billing/home.php. | |||||
| CVE-2023-27206 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-03-12 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /kruxton/navbar.php of Best POS Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter. | |||||
| CVE-2023-0945 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-03-02 | N/A | 5.4 MEDIUM |
| A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input "><img src=x onerror=prompt(document.domain);> leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221592. | |||||
| CVE-2023-0943 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-02-27 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Best POS Management System 1.0. This issue affects some unknown processing of the file index.php?page=site_settings of the component Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221591. | |||||
| CVE-2023-0946 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-02-27 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in SourceCodester Best POS Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file billing/index.php?id=9. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The identifier VDB-221593 was assigned to this vulnerability. | |||||